def update(self, param, reset_failcount=True):
"""
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
"""
if "otpkey" not in param:
raise ParameterError("Missing parameter: 'otpkey'")
# motp token specific
try:
otpPin = param["otppin"]
except KeyError:
raise ParameterError("Missing parameter: 'otppin'")
self.setUserPin(otpPin)
HmacTokenClass.update(self, param, reset_failcount)
return
def update(self, param, reset_fail_count=True):
"""
token initialization with user parameters
:param param: dict of initialization parameters
:param reset_fail_count : boolean if the fail count should be reset
:return: nothing
"""
# ------------------------------------------------------------------ --
# set the required phone / mobile number
if 'phone' not in param:
raise ParameterError("Missing parameter: 'phone'")
self.set_phone(param['phone'])
# ------------------------------------------------------------------ --
# lower layer should generate the token seed and
# use the sha256 for the hmac operations
param['genkey'] = 1
param['hashlib'] = 'sha256'
# ------------------------------------------------------------------ --
# call update method of parent class
HmacTokenClass.update(self, param, reset_fail_count)
def update(self, param, reset_failcount=True):
"""
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
"""
LOG.debug("[update] begin. adjust the token class with: param %r" %
param)
_ = context['translate']
# in the scope helpdesk we allways have a user
# to whom the token will be assigned
if param.get('::scope::', {}).get('helpdesk', False):
user = param['::scope::']['user']
u_info = getUserDetail(user)
param[self.EMAIL_ADDRESS_KEY] = u_info.get('email', None)
# specific - e-mail
self._email_address = param[self.EMAIL_ADDRESS_KEY]
# in scope selfservice - check if edit_email is allowed
# if not allowed to edit, check if the email is the same
# as from the user data
if param.get('::scope::', {}).get('selfservice', False):
user = param['::scope::']['user']
if not is_email_editable(user):
u_info = getUserDetail(user)
u_email = u_info.get('email', None)
if u_email.strip() != self._email_address.strip():
raise Exception(
_('User is not allowed to set '
'email address'))
# in case of the e-mail token, only the server must know the otpkey
# thus if none is provided, we let create one (in the TokenClass)
if 'genkey' not in param and 'otpkey' not in param:
param['genkey'] = 1
HmacTokenClass.update(self, param, reset_failcount)
LOG.debug("[update] end. all token parameters are set.")
return
def update(self, param, reset_failcount=True):
'''
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
'''
_ = context['translate']
# specific - phone
try:
phone = param['phone']
except KeyError:
raise ParameterError("Missing parameter: 'phone'")
# in scope selfservice - check if edit_sms is allowed
# if not allowed to edit, check if the phone is the same
# as from the user data
if param.get('::scope::', {}).get('selfservice', False):
user = param['::scope::']['user']
if not is_phone_editable(user):
u_info = getUserDetail(user)
u_phone = u_info.get('mobile', u_info.get('phone', None))
if u_phone != phone:
raise Exception(
_('User is not allowed to '
'set phone number'))
self.setPhone(phone)
# in case of the sms token, only the server must know the otpkey
# thus if none is provided, we let create one (in the TokenClass)
if 'genkey' not in param and 'otpkey' not in param:
param['genkey'] = 1
HmacTokenClass.update(self, param, reset_failcount)
return
def update(self, param, reset_failcount=True):
"""
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
"""
# specific - phone
try:
phone = param["phone"]
except KeyError:
raise ParameterError("Missing parameter: 'phone'")
# in scope selfservice - check if edit_sms is allowed
# if not allowed to edit, check if the phone is the same
# as from the user data
if param.get("::scope::", {}).get("selfservice", False):
user = param["::scope::"]["user"]
if not is_phone_editable(user):
u_info = getUserDetail(user)
u_phone = u_info.get("mobile", u_info.get("phone", None))
if u_phone != phone:
raise Exception(
_("User is not allowed to set phone number")
)
self.setPhone(phone)
# in case of the sms token, only the server must know the otpkey
# thus if none is provided, we let create one (in the TokenClass)
if "genkey" not in param and "otpkey" not in param:
param["genkey"] = 1
HmacTokenClass.update(self, param, reset_failcount)
return
def update(self, param, reset_failcount=True):
"""
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
"""
LOG.debug("[update] begin. adjust the token class with: param %r"
% param)
_ = context['translate']
# specific - e-mail
self._email_address = param[self.EMAIL_ADDRESS_KEY]
# in scope selfservice - check if edit_email is allowed
# if not allowed to edit, check if the email is the same
# as from the user data
if param.get('::scope::', {}).get('selfservice', False):
user = param['::scope::']['user']
if not is_email_editable(user):
u_info = getUserDetail(user)
u_email = u_info.get('email', None)
if u_email.strip() != self._email_address.strip():
raise Exception(_('User is not allowed to set '
'email address'))
# in case of the e-mail token, only the server must know the otpkey
# thus if none is provided, we let create one (in the TokenClass)
if 'genkey' not in param and 'otpkey' not in param:
param['genkey'] = 1
HmacTokenClass.update(self, param, reset_failcount)
LOG.debug("[update] end. all token parameters are set.")
return
def update(self, param, reset_failcount=True):
"""
update - process initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
"""
LOG.debug("[update] begin. adjust the token class with: param %r",
param)
# specific - e-mail
self._email_address = param[self.EMAIL_ADDRESS_KEY]
# in scope selfservice - check if edit_email is allowed
# if not allowed to edit, check if the email is the same
# as from the user data
if param.get("::scope::", {}).get("selfservice", False):
user = param["::scope::"]["user"]
if not is_email_editable(user):
u_info = getUserDetail(user)
u_email = u_info.get("email", None)
if u_email.strip() != self._email_address.strip():
raise Exception(
_("User is not allowed to set email address"))
# in case of the e-mail token, only the server must know the otpkey
# thus if none is provided, we let create one (in the TokenClass)
if "genkey" not in param and "otpkey" not in param:
param["genkey"] = 1
HmacTokenClass.update(self, param, reset_failcount)
LOG.debug("[update] end. all token parameters are set.")
return
def update(self, param):
'''
update - process the initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
'''
## check for the required parameters
val = param.get("hashlib")
if val is not None:
self.hashlibStr = val
else:
self.hashlibStr = 'sha1'
otpKey = ''
if (self.hKeyRequired is True):
genkey = int(param.get("genkey", 0))
if 1 == genkey:
# if hashlibStr not in keylen dict, this will raise an Exception
otpKey = generate_otpkey(keylen.get(self.hashlibStr))
del param['genkey']
else:
# genkey not set: check otpkey is given
# this will raise an exception if otpkey is not present
try:
otpKey = param['otpkey']
except KeyError:
raise ParameterError("Missing parameter: 'serial'")
# finally set the values for the update
param['otpkey'] = otpKey
param['hashlib'] = self.hashlibStr
val = param.get("otplen")
if val is not None:
self.setOtpLen(int(val))
else:
self.setOtpLen(getFromConfig("DefaultOtpLen"))
val = param.get("timeStep")
if val is not None:
self.timeStep = val
val = param.get("timeWindow")
if val is not None:
self.timeWindow = val
val = param.get("timeShift")
if val is not None:
self.timeShift = val
HmacTokenClass.update(self, param)
if self.timeWindow is not None and self.timeWindow != '':
self.addToTokenInfo("timeWindow", self.timeWindow)
if self.timeShift is not None and self.timeShift != '':
self.addToTokenInfo("timeShift", self.timeShift)
if self.timeStep is not None and self.timeStep != '':
self.addToTokenInfo("timeStep", self.timeStep)
if self.hashlibStr:
self.addToTokenInfo("hashlib", self.hashlibStr)
return
def update(self, param):
'''
update - process the initialization parameters
:param param: dict of initialization parameters
:type param: dict
:return: nothing
'''
## check for the required parameters
val = param.get("hashlib")
if val is not None:
self.hashlibStr = val
else:
self.hashlibStr = 'sha1'
otpKey = ''
if (self.hKeyRequired is True):
genkey = int(param.get("genkey", 0))
if 1 == genkey:
# if hashlibStr not in keylen dict, this will raise an Exception
otpKey = generate_otpkey(keylen.get(self.hashlibStr))
del param['genkey']
else:
# genkey not set: check otpkey is given
# this will raise an exception if otpkey is not present
try:
otpKey = param['otpkey']
except KeyError:
raise ParameterError("Missing parameter: 'serial'")
# finally set the values for the update
param['otpkey'] = otpKey
param['hashlib'] = self.hashlibStr
val = param.get("otplen")
if val is not None:
self.setOtpLen(int(val))
else:
self.setOtpLen(getFromConfig("DefaultOtpLen"))
val = param.get("timeStep")
if val is not None:
self.timeStep = val
val = param.get("timeWindow")
if val is not None:
self.timeWindow = val
val = param.get("timeShift")
if val is not None:
self.timeShift = val
HmacTokenClass.update(self, param)
if self.timeWindow is not None and self.timeWindow != '':
self.addToTokenInfo("timeWindow", self.timeWindow)
if self.timeShift is not None and self.timeShift != '':
self.addToTokenInfo("timeShift", self.timeShift)
if self.timeStep is not None and self.timeStep != '':
self.addToTokenInfo("timeStep", self.timeStep)
if self.hashlibStr:
self.addToTokenInfo("hashlib", self.hashlibStr)
return
